Malicious code in @uipath/maestro-tool (npm)

--- -= Per source details. Do not edit below this line.=- Source: ghsa-malware 6885645b867aaec1056710aae316b39c7601e17728f7e35b391f02198b3832b0 Any computer that has this package installed or running should be considered fully compromised. All secrets and keys stored on that computer should be...

MAL-2026-3555 Malicious code in @uipath/maestro-tool (npm)

--- -= Per source details. Do not edit below this line.=- Source: ghsa-malware 6885645b867aaec1056710aae316b39c7601e17728f7e35b391f02198b3832b0 Any computer that has this package installed or running should be considered fully compromised. All secrets and keys stored on that computer should be...

Malicious code in @uipath/maestro-sdk (npm)

--- -= Per source details. Do not edit below this line.=- Source: ghsa-malware 6011a0c7aae20b028a8bdca262224d15d4c190b116cbc3d6f8dddef444ca84b3 Any computer that has this package installed or running should be considered fully compromised. All secrets and keys stored on that computer should be...

MAL-2026-3554 Malicious code in @uipath/maestro-sdk (npm)

--- -= Per source details. Do not edit below this line.=- Source: ghsa-malware 6011a0c7aae20b028a8bdca262224d15d4c190b116cbc3d6f8dddef444ca84b3 Any computer that has this package installed or running should be considered fully compromised. All secrets and keys stored on that computer should be...

Maestro 0.15.4

Maestro is a cross-platform desktop app for orchestrating your fleet of AI agents and projects. It's a high-velocity solution for hackers who are juggling multiple projects in parallel. Designed for power users who live on the keyboard and rarely touch the mouse. Collaborate with AI to create...

From Tool Orchestration to Code Execution: A Study of MCP Design Choices

Model Context Protocols MCPs provide a unified platform for agent systems to discover, select, and orchestrate tools across heterogeneous execution environments. As MCP-based systems scale to incorporate larger tool catalogs and multiple concurrently connected MCP servers, traditional tool-by-too...

MAESTRO Toolkit Exploiting VMware VM Escape Vulnerabilities

Cybersecurity researchers from Huntress detail a major VM Escape attack where hackers took over host servers. Using a secret toolkit called MAESTRO, the attackers stayed hidden for over a year. Read the exclusive details on how this breach was stopped and how to protect your network...

Supporting Secured Integration of Microarchitectural Defenses

There has been a plethora of microarchitectural-level attacks leading to many proposed countermeasures. This has created an unexpected and unaddressed security issue where naive integration of those defenses can potentially lead to security vulnerabilities. This occurs when one defense changes an...

AAGATE: A NIST AI RMF-Aligned Governance Platform for Agentic AI

This paper introduces the Agentic AI Governance Assurance & Trust Engine AAGATE, a Kubernetes-native control plane designed to address the unique security and governance challenges posed by autonomous, language-model-driven agents in production. Recognizing the limitations of traditional...

EUVD-2014-8574

Malware in sbrugna...

EUVD-2012-2703

Malware in sbrugna...

EUVD-2012-3746

Malware in sbrugna...

EUVD-2025-7955

Malicious code in bioql PyPI...

Building a Secure Agentic AI Application Leveraging A2A Protocol

As Agentic AI systems evolve from basic workflows to complex multi agent collaboration, robust protocols such as Google's Agent2Agent A2A become essential enablers. To foster secure adoption and ensure the reliability of these complex interactions, understanding the secure implementation of A2A i...

CVE-2025-30561

Cross-Site Request Forgery CSRF vulnerability in Henrique Mouta CAS Maestro cas-maestro allows Stored XSS.This issue affects CAS Maestro: from n/a through = 1.1.3...

CVE-2025-30561

Cross-Site Request Forgery CSRF vulnerability in Henrique Mouta CAS Maestro cas-maestro allows Stored XSS.This issue affects CAS Maestro: from n/a through = 1.1.3...

CVE-2025-30561

CVE-2025-30561: In CAS Maestro, a CSRF can lead to stored XSS in versions up to 1.1.3. The Wordfence vulnerability listing confirms the affected product/version and notes the patch status as pending/unpatched; no specific remediation (patch version) is provided in the available documents. Monitor...

CVE-2025-30561 WordPress CAS Maestro plugin <= 1.1.3 - CSRF to Stored XSS vulnerability

Cross-Site Request Forgery CSRF vulnerability in Henrique Mouta CAS Maestro allows Stored XSS. This issue affects CAS Maestro: from n/a through 1.1.3...

WordPress CAS Maestro plugin <= 1.1.3 - CSRF to Stored XSS vulnerability

CSRF to Stored XSS vulnerability discovered by Nguyen Xuan Chien in WordPress Plugin CAS Maestro versions = 1.1.3...

WordPress plugin CAS Maestro 跨站请求伪造漏洞

WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a blogging platform developed using the PHP language. The platform supports setting up personal blog sites on servers with PHP and MySQL.WordPress plugin is an application plugin. A cross-site request forger...